Microsoft to disable AutoRun on writeable devices

The familiar “Install or run program” section at the top of the AutoPlay menu in Windows is set to become a much rarer sight, as Microsoft has announced that it’s going to pull the feature when it comes to writeable devices, such as USB thumb drives.

According to Microsoft, the decision was made as a result of disturbing figures from its latest Security Intelligence Report, which revealed that 17.7 percent of malware infections in the second half of 2008 came from AutoRun. Microsoft says that this makes it “the largest single category of malware infections,” and says that it’s also seen a further increase in the number of infections via AutoRun since the start of 2009.

Microsoft says that malicious software, such as the Conficker worm, can currently abuse “the current default AutoRun settings to propagate through removable media like USB devices.” As such, Microsoft says that “it makes sense to adjust the balance between security and usability around removable media.”

However, the company claims that it’s “tried to be very measured in this adjustment to maximise both customer convenience and protection.” Basically, when you plug in a writeable device, such as a USB thumb drive or external hard drive , you’ll now just be given the general AutoPlay menu, which allows you to open files, but you won’t be able to automatically run an executable on the device from the AutoPlay menu.

You can see this in the example pictured above, where the first option under AutoRun in the picture on the left would run a malware app, while giving an average user the impression that they were just opening a folder. With AutoRun disabled on the device, only the genuine option for opening a folder is shown, shutting the malware’s obvious entrance to your system.

Microsoft also points out that non-writable media, such as standard DVD-ROMs and CD-ROMs, will not be affected by the changes, so AutoRun will still work as before on these types of media. “Since non-writeable media such as CD-ROMs generally aren’t avenues for malicious software propagation (because they’re not writeable),” says Microsoft, “we felt it made sense to keep the current behavior around AutoPlay for these devices and make this change only for generic mass storage class devices.”

Microsoft says that the new changes have been made in the Release Candidate build of Windows 7, and also says that it’s planning to bring the changes to Windows Vista and XP in a future update too. Will you miss the AutoRun feature on writable devices, or is this a sensible move to cut down malware infecftions? Let us know your thoughts in the forums.